Log Analyzers

I have lately been involved with a lot of log analysis tools and would like your help in deciding upon a good tool. My requirement is basically to look for log analyzer software with good reporting for security and compliance.

These two look ok, but have you looked into a SIM product? I'm in the process of getting management where I work to buy the Cisco MARS product. You might want to look into that product too. Are you looking for a Security Information Management product?

I use NeuSecure, which has been bought up about 3 times in the last six months. Currently, IBM owns the product.

I LOVE this console (SIM solution). I feed events from all core assets and have now got a handle on what's going on out there. The downside to any of these beasts is cost and the effort needed to tune them properly. Another nasty is bug discovery, which seems to happen more so with products with "bigger than life" feature sets.

I looked at the NetForensics product, which was absolute crap, and also at CA's offering, which was less than user friendly.

ArcSight was another one I looked at, but the pricing, $150 grand, left it way out of reach.

Anyway, another 2 cents.

--TH13

Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

>> A 200 hosts per year license for EventLog Analyzer costs only $2490. These guys seem to have another product called Firewall Analyzer, which does the log analysis for firewalls, VPNs & routers!

I guess a complete SIM software would mean an integration of these 2 products and more?

By the way, what's the pricing for NeuSecure? What type of reports do they support? I ask since reporting is essential for me to place my bet on the product. As of now the EventLog Analyzer had some kewl reports, courtesy of their free edition.